Risk analysis for radiotherapy at the Universitätsklinikum Erlangen

Daniel Lohmann; Marga Lang-Welzenbach; Lorenz Feldberger; Ellen Sommer; Stefan Bücken; Michael Lotter; Oliver J Ott; Rainer Fietkau; Christoph Bert

doi:10.1016/j.zemedi.2021.11.002

. 2022 Jan 7;32(3):273–282. doi: 10.1016/j.zemedi.2021.11.002

Risk analysis for radiotherapy at the Universitätsklinikum Erlangen

Daniel Lohmann ^1,^2,^⁎, Marga Lang-Welzenbach ^1,², Lorenz Feldberger ³, Ellen Sommer ⁴, Stefan Bücken ³, Michael Lotter ^1,², Oliver J Ott ^1,², Rainer Fietkau ^1,², Christoph Bert ^1,²

PMCID: PMC9948825 PMID: 35012863

Abstract

Purpose

Risk analysis is required by various laws and regulations in Germany and has an impact on each department of a large clinic. We provide an overview of the relevant laws and regulations in Germany and present the technical and organizational experience of introducing risk analysis in the Department of Radiation Oncology at the Universitätsklinikum Erlangen.

Methods

Risk analysis was performed with an in-house developed extension of our intranet platform and ticketing system. Risks were classified according to occurrence and severity, each on a 5-level scale resulting into a risk matrix. An interdisciplinary team of six experienced members formed the core meeting weekly.

Results

A total of 38 risks and 50 measures have been identified in 41 1 h-meetings corresponding to approx. 260 working hours. Risk was distributed 8/20/13 to the categories critical (n = 8), monitoring (n = 20), and conditionally acceptable (n = 13). Risk analysis has been evaluated before and after introducing measures.

Conclusion

The risk analysis method introduced has been successfully used in routine operations for over a year. Risk analysis takes time and effort. However, because experts from different disciplines meet each other every week, the overall workflow of the radiation oncology department can be improved efficiently and continuously.

Keywords: Risk analysis, Radiation therapy, GBA, Strahlenschutzverordnung

1. Introduction

Although there have been requirements for quality standards [1], [2], [3] for the implementation of radiation therapy for decades, there are legal requirements for additional requirements. Additionally, various laws and ordinances require hospitals to have operational risk analysis. That applies not only to radiation therapy but to all areas of the clinic. Using Germany as an example, the commercial department of a clinic is obliged to carry out risk analysis by legal regulations such as Law on Control and Transparency in Business (KonTraG) [4] (all italic written abbreviations are explained with an English translation and in some detail in Table 4 in Appendix A). Above a certain size, a clinic is also regarded as a critical infrastructure and therefore the IT infrastructure must meet the requirements of the IT Security Law [5], [6], [7]. The Medical Device Operator Ordinance [27] requires the operator of medical devices to carry out a risk analysis of the IT infrastructure before putting new medical devices into operation in heterogeneous medical device networks. For departments that treat with ionizing radiation, the Radiation Protection Ordinance [9] also applies, which requires a risk analysis before introducing new treatment methods and before changes to existing treatment methods. Table 1 provides an overview of the applicable laws and regulations.

Table 1.

Laws and regulations that prescribe risk analysis. The priority is to be read from top to bottom. The business risk analysis is required by commercial risk analysis, which follows from KonTraG plus §53 HGrG [4], [22]. The risk analysis according to the Radiation Protection Ordinance follows from the Euratom Directive and the Radiation Protection Law [9], [10], [23]. The Medical Device Operator Ordinance [27] prescribes a risk analysis by the operator when commissioning networked medical devices. This can be done by IEC 80001-1 [29]. Clinical risk analysis is required by the Federal Joint Committee (G-BA) [26]. Besides, certain clinics must comply with the IT security law and BSI CIS guidelines [6], [24]. More details on all laws and ordinances are explained in Appendix A.

	Commercial risk management	Radiation Protection Law	Medical device regulation	IT security	Clinical risk management
EU Regulation	2006/49 [16] 2006/48 [17]	2013/59/Euratom Article 63, b [10]	2001/83 [18] 178/2002 [19] 2017/745 [20]	NIS directive [21]
National Law	§53 HGrG [22] KonTraG [4]	Radiation Protection Law §86 sentence 1 Number 14 [23]	MPDG [8]	IT security law [24]	§135(a) Subsection 2 Sentence 2 of Volume V of the German Social Insurance Code (SGB V) [25] G-BA [26]
National Guideline		Radiation Protection Ordinance [9]	Medical Device Operator Ordinance §3 Abs. 1 [27]	BSI KRITIS Ordinance [6]
Norm	ISO 9001:2015 [28]			IEC 80001-1 [29]

Open in a new tab

Several methods exist to perform risk analysis. Failure mode and effect analysis (FMEA), is widely used in industry and recommended, e.g., by the German Federal Office for Radiation Protection (BfS) [11] or the TG 100 of the American Association for Physicists in Medicine (AAPM) [12]. There are already many publications describing this method [13], [14], [15]. The basic idea of FMEA is to analyze the processes and divide them into sub-processes. For each process step, one can then assign failure modes. For each failure mode, the likelihood of occurrence (O), its severity (S), and the likelihood of going undetected (D) is determined. TG 100 suggests a 10-fold scale to classify O, S, and D. Using these metrics, the risk priority number (RPN) is calculated by multiplying the three values of O, S, D, respectively [12].

Since, as far as we know, there is no publication with an overview of all the regulations concerning risk analysis that must be followed by a clinic in Germany in general and by a radiation oncology department in particular, this work aims to provide such an overview and implications for fulfilling it. The Department of Radiation Oncology is a pilot clinic within the Universitätsklinikum Erlangen (UK Erlangen) for risk analysis. We present our experiences with risk assessment using only severity and occurrence scales and a two-dimensional criticality matrix in addition to the software systems that support these processes. The reason why we have chosen severity and occurrence as risk scales will be explained in the following.

2. Materials and methods

2.1. Relevant laws and regulations

Commercial risk analysis must be performed by hospitals depending on their legal form. The legal basis for this is the KonTraG. This part of risk analysis is usually carried out by the commercial department [4], [16], [17], [22], [26]. For hospitals with more than 30,000 in-patients per year, IT security risk analysis must be done as regulated by the IT security law along with BSI Guideline for Critical Infrastructures. This task is typically performed by the IT department [6]. The tasks of radiation therapy include clinical risk analysis through the requirements of the G-BA and risk analysis according to the new Radiation Protection Ordinance. These will be explained in more detail in the following. The G-BA is the highest decision-making body of the joint self-administration of physicians, dentists, psychotherapists, hospitals, and health insurance funds in Germany [26]. Among other things, it decides on quality assurance measures for the outpatient and inpatient areas of the health system [30]. According to the G-BA, a risk analysis system, a system where patients can report complaints, and a critical incident and reporting system (CIRS) must be introduced across clinics, §135a SGB Sec. (3) [25].

For clinics that work with ionizing radiation, §126 of the Radiation Protection Ordinance also applies, which obliges those responsible for radiation protection to carry out a risk analysis before the introduction of a new treatment method or before changing an existing treatment method [9]. The legal basis for this is §86 No. 14 of the Radiation Protection Law. This applies to external beam therapy, brachytherapy, nuclear medicine, and orthovoltage radiation therapy [23]. The BfS suggests renewing risk analysis every three years [11]. The Radiation Protection Ordinance demands a retention period of ten years [9].

2.2. Overview of UK Erlangen and the Department of Radiation Oncology

The UK Erlangen currently has 1394 beds, 8063 employees, and 1268 physicians [31]. These work in 25 different medical departments, covering the full medical spectrum [32]. A separate department is responsible for supporting the IT infrastructure of the clinic including three separate data centers. As UK Erlangen exceeds the limit of 30,000 inpatients per year, the clinic also falls under the KRITIS Ordinance. Thus, the rules of the BSI law apply.

The Department of Radiation Oncology performs percutaneous radiotherapy using five medical linear accelerators, brachytherapy (PDR/HDR), orthovoltage radiation therapy and hyperthermia.

It is utilizing a planning CT, a ward with approximately 50 beds, an own outpatient section for chemotherapy, and the required software infrastructure to operate the above-mentioned medical devices.

Per year about 2700 patients are treated, of which ∼500 receive brachytherapy, ∼600 orthovoltage radiation therapy, and ∼1600 external beam therapy.

2.3. Implementation of risk analysis at UK Erlangen

The central information hub in the intranet of UK Erlangen is the wiki software Confluence (v7.1, Atlassian, London). Risk analysis is implemented using JIRA (v8.14, Atlassian, London) and the extension Risk Register (ProjectBalm, Australia). Furthermore, Confluence is used for the documentation of the risk analysis meetings. Figure 1 shows the dependencies between JIRA and Confluence with the features of both. Various adjustments were programmed in-house to meet requirements not covered in the original implementation. As displayed in Figure 2, the GUI is split into tabs covering risk identification, risk assessment, and planning of measures. Each tab includes multiple entries (e.g. risk category, cause, configurable naming) of different field types which can be chosen from the library JIRA offers. Fields can be linked to the active directory of Windows (Microsoft, Redmond, USA) allowing pre-filtered entry options, e.g., only measures of a certain department rather than all measures of the university clinic. Technically, this is implemented using the “Jira Query Language” (JQL [41]) which was also used for the creation of user-specific lists.

Saved data in JIRA and Confluence. Confluence offers access to documents such as laws, ordinances, and SOPs. The meeting notes that one can create in Confluence are also crucial for risk analysis. In JIRA, risk analysis is carried out by creating so-called tickets. Besides, one can create measures that can be assigned to a specific person or multiple persons.

User interface for entering the risks. (a) Entering the risk identification, (b) gross risk assessment with the described risk scale, (c) planning of measures. Net risk assessment is equivalent to gross risk assessment, (d) number of implemented measures to reach the net situation.

In JIRA, the process types “risk” and “measure” were developed according to the in-house needs, i.e., the input mask for “risk” was mapped according to the ISO 31000 risk analysis process. The reciprocal m:n linking of n risks and m measures was also configured independently. The risk analysis portal is based on comprehensive authorization management, i.e., the centralized and decentralized views of risks and measures are regulated by different authorization roles. All risks and measures can be tracked thanks to the risk analysis matrix and the key wording for resubmission.

Risks entries are created in JIRA in four steps with screenshots of a representative risk shown in Figure 2. First, the risk identification takes place, in which the risk is specified exactly.

This is followed by the gross risk assessment specifying the risk implications without any measures (Figure 2b). Third, the net risk assessment must be carried out. Here, the risk is assessed considering the measures currently in place (Figure 2c and d).

Gross and net risks are quantified by their occurrence O and severity S using the scales defined in Table 2, Table 3, respectively. First, the risks in the workflow steps that may have a direct impact on patient health are considered.

The system can be extended with other scales for other risk areas such as occupational safety or for the assessment of economic risks. Last, all measures, i.e., existing ones reducing gross to net risk, but potentially also new measures need to be added and linked to the risk. Based on occurrence and severity, all risks (e.g., of a department) can be attributed in one of three categories (see Table 2) and displayed in a risk matrix, Figure 4.

Risk matrices and implemented measures of all risks discussed till July 2021. (a) Risk matrix of gross risk assessment (no measures) with the number of risks per category (b), (c) risk matrix of net risk assessment based on the measures that were implemented before risk analysis started, (d) number of implemented measures to reach the net situation and (e) risk matrix after the measures determined as part of risk analysis (f) were implemented.

3. Initial experiences

Risk analysis has been carried out at the Department of Radiation Oncology since March 2020, and 41 1 h-meetings of an expert panel have taken place till July 2021. The first month was required to get familiar with risk analysis.

The panel is led by the quality assurance officer of the clinic and further constituted by senior physicians, physicists, radiotherapy technologists and additional representatives of the department in case the discussed topic requires their expertise. Risk assessment is based on the workflow underlying the treatment of patients that is displayed in Figure 3 (details in Table 5) and was defined by the panel in the first meetings. Based on this process chain of 13 steps, the individual failure modes resulting in risk entries are discussed in the weekly meeting. A total of n = 38 risks and m = 50 measures were discussed in the period mentioned above. No explicit use of failure modes reported in literature was made.

Default workflow external beam radiation therapy of the Department of Radiation Oncology at UKER. For a detailed description see text.

In this initial phase of risk analysis only those risks and respective measures are discussed that are most important to the clinical process. Low-priority risks are currently documented in Confluence for future discussion. Deviations from the workflow-based assessment are accepted in case every day's problems or incidences trigger discussions within the panel.

Figure 4 shows the evolution of risk matrices as a function of measures introduced over time. Measures can be either in progress or implemented. Measures in progress refer to those that require writing a Standard Operating Procedure (SOP) or implementing additional equipment (e.g., biometrical validation of patients). If a measure has SOPs and these have been communicated, it is considered to have been implemented. Figure 4a shows the risk matrix in the case that no measures are taken (Gross Risk Assessment) with the total number for each risk category listed in Figure 4b. At the time risk analysis was initiated, assessment of the net risk resulted in the risk matrix shown in Figure 4c. The number of implemented measures to reach the net situation is listed in Figure 4d. Figure 4e shows the risk matrix resulting from risk analysis by introduction of further measures (see Figure 4f) that were initiated in the discussions of the expert panel. Not all those very recent measures were already implemented and thus some risks currently remain in the red/critical category.

Comparison of Figure 4a and c further shows that risks mainly varied in occurrence. After introducing new measures risks can also vary in severity (Figure 4e).

Overall, the experience has shown that one can discuss around 1 risk per hour. In addition, the QA officer works again for 15–20 min documenting the risks and measures properly. If it is required, additional time is needed for creation of SOPs which can be multiple hours especially if several experts need to be involved. This gives a total of at least 6–7 working hours per week for risk analysis if the meeting takes place. So far, risks have not been re-evaluated as the suggested 3-year period [11] is not yet reached.

4. Discussion

Risk analysis is required by the laws described for almost all areas of a radiation oncology department. Following the amendment of the Radiation Protection Ordinance by §126 enacted in 2019, at least a decided risk analysis now also applies to radiation protection. This paper presents a methodology and an implementation of risk analysis of a large Department of Radiation Oncology in Germany, which considers both the guidelines of the G-BA and the new Radiation Protection Ordinance. After getting a clear overview of the currently applicable laws and regulations, risk analysis was introduced to the RM team by the QA officer. It then took around four weeks for everybody to familiarize themselves with risk analysis with reference to quantification of severity and occurrence scales. Part of the familiarization were literature studies [12], [14], [15], [34], [35], [36], [37], [38], [39] and participation of dedicated meetings e.g., of the professional societies.

An important issue is the amount of time required to perform risk analysis. Perks et al. required about 100 h for the analysis of an SBRT process [37]. Ford et al. reported less than a month and 75 h for a broader FMEA that included the entire treatment process [15]. To date, it has taken us about 270 h for implementing a risk analysis team and addressing most of the external beam treatment workflow. The limited progress compared to Ford et al. can also be attributed to the fact that we had no experience in dealing with FMEA and risk analysis at the beginning and that our core team consisted of seven clinical specialists and one QM officer, i.e., a large team. This large team had the advantage that two employees from each professional group were involved. In case individuals could not make it to the weekly meeting, e.g., due to other clinical tasks, at least a core team remained and could continue the risk analysis. In addition, further colleagues are meanwhile involved and thus familiar with risk analysis, so that if one employee from the core team is unable to attend, a substitute is available. Having more employee's leads to better results in the discussion, even if this means that more time must be invested. Despite this substantial time only the main workflow was discussed.

Risk assessments and evaluations for special and rare treatment techniques such as total skin irradiation and/or the introduction of new treatment concepts/devices were handled separately [42].

Software supporting risk analysis is commercially available from several vendors also dedicated for clinical purposes. Despite that fact, we decided to build our risk analysis software based on JIRA so that the integration into the Confluence-based internal workspace can be ensured. In addition, solutions dedicated to radiation oncology are still sparse [38].

Frequently used alternatives are also in-house options based on office tools that do not allow user management, revise, and other similar essentials when designing the solution for a large university clinic [13], [14], [15]. JIRA has been shown to help with risk analysis. After a short training period, many users could operate the tool and create risks.

With the current methodology, the probability of occurrence and severity of a failure mode is subjectively estimated by the expert panel. Ideally, quantitative feedback, e.g., from an incident reporting system (CIRS or alike) would be included in the specifications [34]. Part of the estimation and discussion process is the identification of measures that mitigate the risk once completed. Measures are described and attributed to person(s) with a due date for fulfillment. Each measure can be linked to one or multiple risks. Finding the cause of a failure would require a Fault Tree Analysis (FTA), which is currently not implemented. In addition, JIRA cannot display a process chain, which is essential for an FMEA. In addition, many risks are caused by the IT equipment used. Thus, in a further step, the risk analysis of the Department for Radiation Oncology should also incorporate the relevant IT infrastructure. Since a risk analysis of the entire IT of the university clinic is anyway conducted in accordance with the requirements of the BSI law synergistic effects can be exploited. Similarly, a specific risk analysis of the devices of the medical equipment of the Department of Radiation Oncology has not yet been performed. For this purpose, it would be desirable to map the workflows in the form of a process diagram that implements the requirements of the Radiation Protection Ordinance and the G-BA. Improvements of the software infrastructure are thus currently discussed internally.

Another aspect is the scales used to evaluate the risk entries. The scales should allow a meaningful but also comprehensive graduation of occurrences (O), severities (S), and (if applicable) detectability (D). Care must be taken to ensure that the scale is understood and accepted by all parties involved and that it can be used to assess risks within a reasonable time. Many publications use a risk scale based on the TG-100 report for risk analysis [12], [13], [14], [15]. This provides for a ten-level subdivision of the risk levels. In addition, a risk priority number (RPN) is formed from S, D, and O. This method has the advantage that it allows a very fine-grained risk assessment. The disadvantage is that due to the many intermediate levels in the subdivision, it can take a long time in the discussion of the risks until all participants have agreed on a value. A recent publication describes a risk scale that is specifically adapted to risk analysis in radiation oncology using questionnaires [35]. The method we use, with a five-stage scale and only two dimensions by integrating detectability into occurrence, has the advantage that risks can be classified quickly, and all risks are displayable in a risk matrix. Performing a risk analysis using a risk matrix is also described in [39]. The implementation of measures can in principle shift risks in occurrence and severity as shown in a radiation oncology setting [40]. In our experience, for most failure modes the introduction of measures only reduced the occurrence in particular for the transition from gross to net risks (Figure 4 a,c). Measures that also reduce severity were established within the process of risk analysis (Figure 4d and e). The risks from the risk analysis are re-evaluated after three years at the latest, with the aim of getting the risks into increasingly harmless risk regions through new measures.

It is noticeable that most of the risks are critical risks or risks that need to be monitored. This can be explained by the fact that the FMEA is based on the clinical experience of the staff involved and not yet by quantitative measures such as incidence levels of e.g., near misses. It is thus more likely but also desirable to note critical risks than the less critical ones. Contributing to this trend is the already mentioned internal decision of focusing on the risks most important to the clinical process leading to the fact that we have not yet identified all possible risks that occur in a workflow step with the missing ones likely being conditionally acceptable risks. Research by Terezakis et al. has shown that about 42% of all risks are not identified by an FMEA [33]. Therefore, FMEA should be complemented by incident learning systems. A Critical Incident and Reporting System (CIRS) implements this in our clinic.

5. Conclusion

Risk analysis is required in multiple laws and regulations [4], [6], [9], [22], [23], [25] and thus affecting essentially each department of a large clinic. This is in particular true for radiation oncology since recently also radiation protection law requires risk assessments. An interdisciplinary group was formed for risk assessment meetings nominally weekly. Risk identification is carried out using the process chain of the treatment workflow. Confluence, JIRA, and Risk Register are used for risk documentation as these tools could be integrated seamlessly into the intranet portal used at UKER.

Identification of 38 risks, development of 50 measures to overcome those risks, and the required documentation took ∼260 person hours in 41 meetings. Additional time is required for writing e.g., SOPs foreseen in the developed measures.

Conflict of interest

The authors declare that they have no known competing financial interests or personal relationships that could have appeared to influence the work reported in this paper. The authors have no relevant conflicts of interest to disclose.

Acknowledgments

Bayerisches Staatsministerium für Wirtschaft, Landesentwicklung und Energie (StMWi) supported this work as part of the funding program “Informations- und Kommunikationstechnik” (IUK 588/0022). We would also like to thank all colleagues who gave us the time for personal discussions, Marga Lang-Welzenbach, Ellen Sommer, Lorenz Feldberger, Stefan Bücken, Gabi Heumann, Oliver Ott and Katja Ott. The presented work was performed in partial fulfillment of the requirements for obtaining the degree of Dr. rer. biol. hum. at the Friedrich-Alexander-Universität (FAU).

Appendix A.

Table 2.

Risk rating scale and severity as well as the occurrence.

Occurrence level	Description	Severity level	Description
A = Unlikely	Less than once in three years	I = Very small	Treatment error but without discomfort/pain
B = Rarely	Once in three years	II = Small	Slight damage to health with discomfort/pain up to three days
C = Possible	Once a year	III = Noticeable	Temporary damage to health with discomfort/pain, more than three days
D = Occasionally	Once a quarter	IV = Significant	Severe damage to health with permanent consequences without permanent need for care but with occupational restrictions
E = Regularly	Once a month or more often	V = Serious	Severe damage to health with permanent consequences and possibly death

Open in a new tab

Table 3.

Risk category and risk level.

Risk category	Explanation
Conditionally acceptable risks	For these risks, it must be verified whether the defined and established measures are effective. These risks must be monitored regularly.
Risks requiring monitoring	Prevention and management measures must be defined for these risks. These risks require ongoing monitoring.
Critical risks	Measures for the prevention and management of these risks must be defined immediately and implemented quickly.

Open in a new tab

Table 4.

Details on laws and ordinances.

German word	English translation	Explanation
Gesetz zur Kontrolle und Transparenz im Unternehmensbereich (KonTraG)	Corporate Control and Transparency Act	This law aims to improve the corporate governance of German businesses.
IT Sicherheitsgesetz	IT Security Law	This law aims to improve the security of so-called critical infrastructures against cyber-attacks.
Bundesamt für Sicherheit in der Informationstechnik (BSI) Verordnung für Kritische Infrastrukturen	BSI Ordinance for Critical Infrastructures	This guideline defines what critical infrastructures are and how to protect them.
Medizinproduktedurchführungsgesetz	Medical Device implementation Law	Law that governs the obligations of the vendor of medical devices.
Strahlenschutzgesetz	Radiation Protection Law	Law on the protection of the public from the use and effects of ionizing radiation.
Strahlenschutzverordnung	Radiation Protection Ordinance	Ordinance on the handling of ionizing radiation and its application to humans.
Bundesamt für Strahlenschutz (BfS)	German Federal Office for Radiation	Federal Agency for the Environment, Protection Nature, Conservation and Nuclear safety.
Gemeinsamer Bundesausschuss (G-BA)	Federal Joint Committee	Highest decision-making body of joint self-administration of doctors, dentists, psychotherapists, hospital and health insurance funds in Germany.
Soziales Gesetzbuch (S-GB)	Social code	Act for the social law.

Open in a new tab

Table 5.

Workflow steps and detailed descriptions.

Step	Description
Planning initial visit	Review documents, organize findings, first talk to the patient by an assistant physician, and make a preliminary therapy decision.
Morning meeting	Discuss new introduced patient and make a therapy decision.
Coordination	Make appointments for further treatment, decide if the patient is inpatient.
Imaging for treatment planning	Medical imaging consisting of a CT and if necessary an MRT and PET/CT.
Medical treatment planning	Medical treatment planning.
Physical treatment planning	Physical treatment planning.
Verification of treatment planning	Log file based or measurement-based verification of treatment plan by MPE.
Preparation at LINAC	Preparation by a responsible RTT.
Initial setting talk	First setting talk by the responsible physician to inform the patient about treatment plan including potential changes of the treatment concept.
Patient positioning of first treatment	First setting by responsible RTT and senior physician.
Irradiation(s)	Irradiation of patients by the responsible RTTs.
Final visit	The physician talks to the patient after all fractions have been applied.
Follow up	Talk to a patient after completed treatment.

Open in a new tab

References

1.Guckenberger M., Baus W.W., Blanck O., Combs S.E., Debus J., Engenhart-Cabillic R., et al. Definition and quality requirements for stereotactic radiotherapy: consensus statement from the DEGRO/DGMP Working Group Stereotactic Radiotherapy and Radiosurgery. Strahlenther Onkol. 2020;196(5):417–420. doi: 10.1007/s00066-020-01603-1. PMID: 32211940; PMCID: PMC7182610. [DOI] [PMC free article] [PubMed] [Google Scholar]
2.Kriz J., Baues C., Engenhart-Cabillic R., Haverkamp U., Herfarth K., Lukas P., et al. New quality assurance program integrating “modern radiotherapy” within the German Hodgkin Study Group. Strahlenther Onkol. 2017;193(2):100–108. doi: 10.1007/s00066-016-1048-y. [English]. Epub 27 September 2016. PMID: 27678010. [DOI] [PubMed] [Google Scholar]
3.Steiniger B., Berger R., Eilzer S., Kornhuber C., Lorenz K., Peil T., et al. Patient-related quality assurance with different combinations of treatment planning systems, techniques, and machines: a multi-institutional survey. Strahlenther Onkol. 2017;193(1):46–54. doi: 10.1007/s00066-016-1064-y. Epub 3 November 2016. PMID: 27812732. [DOI] [PubMed] [Google Scholar]
4.Gesetz zur Kontrolle und Transparenz im Unternehmensbereich (KonTraG) 1998. Bundesgesetzblatt Teil 1. [Google Scholar]
5.IT-Sicherheitsgesetz; 2015. Bundesministerium für Sicherheit in der Informationstechnik. [Google Scholar]
6.Bundesministerium für Sicherheit in der Informationstechnik . 2016. Verordnung zur Bestimmung Kritischer Infrastrukturen nach dem BSI-Gesetz. [Google Scholar]
7.Bundesministerium für Sicherheit in der Informationstechnik . 2017. Gesetz zur Umsetzung der Richtlinie (EU) 2016/1148. [Google Scholar]
8.Bundesministerium der Justiz und für Verbraucherschutz . 2020. Gesetz zur Durchführung unionsrechtlicher Vorschriften betreffend Medizinprodukte (Medizinprodukte-Durchführungsgesetz-MPDG) [Google Scholar]
9.Bundesministerium der Justiz und für Verbraucherschutz . 2018. Verordnung zum Schutz vor der schädlichen Wirkung ionisierender Strahlung (Strahlenschutzverordnung - StrlSchV) [Google Scholar]
10.European Union . 2013. Richtlinie 2013/59/EURATOM des Rates. [Google Scholar]
11.2015. Empfehlungen von BfS, DEGRO, DGMP und DGN zur Risikoanalyse bei therapeutischen Strahlenanwendungen Artikel 63 Buchstabe b der EU-Direktive 2013/59/Euratom. https://www.bfs.de/SharedDocs/Downloads/BfS/DE/fachinfo/ion/empfehlungen-risikoanalyse.pdf;jsessionid=72E44A52D4AB37033D24A9BF2A9C98B2.1_cid382?__blob=publicationFile&v=1 [accessed 11 November 2021] [Google Scholar]
12.Huq M.S., Fraass B.A., Dunscombe P.B., Gibbons J.P., Jr., Ibbott G.S., Mundt A.J., et al. The report of Task Group 100 of the AAPM: application of risk analysis methods to radiation therapy quality management. Med Phys. 2016;43(7):4209. doi: 10.1118/1.4947547. PMID: 27370140; PMCID: PMC4985013. [DOI] [PMC free article] [PubMed] [Google Scholar]
13.Younge K.C., Wang Y., Thompson J., Giovinazzo J., Finlay M., Sankreacha R. Practical implementation of failure mode and effects analysis for safety and efficiency in stereotactic radiosurgery. Int J Radiat Oncol Biol Phys. 2015;91(5):1003–1008. doi: 10.1016/j.ijrobp.2014.12.033. Epub 7 February 2015. PMID: 25670543. [DOI] [PubMed] [Google Scholar]
14.Ford E.C., Gaudette R., Myers L., Vanderver B., Engineer L., Zellars R., et al. Evaluation of safety in a radiation oncology setting using failure mode and effects analysis. Int J Radiat Oncol Biol Phys. 2009;74(3):852–858. doi: 10.1016/j.ijrobp.2008.10.038. [DOI] [PMC free article] [PubMed] [Google Scholar]
15.Ford E.C., Smith K., Terezakis S., Croog V., Gollamudi S., Gage I., et al. A streamlined failure mode and effects analysis. Med Phys. 2014;41(6):061709. doi: 10.1118/1.4875687. PMID: 24877804. [DOI] [PubMed] [Google Scholar]
16.European Union . 2006. Directive 2006/49/EC of the European Parliament and of the council. [Google Scholar]
17.European Union . 2006. Directive 2006/48/EG of the European Parliament and of the council. [Google Scholar]
18.European Union . 2001. Directive 2001/83/EC of the European Parliament and of the council. [Google Scholar]
19.European Union . 2002. Regulation (EC) no 178/2002 of the European Parliament and of the council. [Google Scholar]
20.European Union . 2017. Regulation (EU) 2017/745 of the European Parliament and of the council on medical devices, amending Directive 2001/83/EV, Regulation (EC) No 178/2002 and Regulation (EC) No 1223/2009 and repealing Council Directives 90/385/EEC and 93/42/EEC. [Google Scholar]
21.European Union . 2016. Directive (EU) 2016/1148 of the European Parliament and of the council. [Google Scholar]
22.Bundesministerium der Justiz und für Verbraucherschutz . 2017. Gesetz über die Grundsätze des Haushaltsrechts des Bundes und der Länder (Haushaltsgrundgesätzegesetz - HGrG) [Google Scholar]
23.Bundesministerium der Justiz und für Verbraucherschutz . 2017. Gesetz zum Schutz vor der schädlichen Wirkung ionisierender Strahlung (Strahlenschutzgesetz - StrlSchG) [Google Scholar]
24.Bundesministerium des Inneren . 2019. IT-Sicherheitsgesetz 2.0. [Google Scholar]
25.Bundesministerium der Justiz und für Verbraucherschutz . 1988. Verpflichtung der Leistungserbringer zur Qualitätssicherung. [Google Scholar]
26.Ersatzkassen V.d. 2016. Gemeinsamer Bundesausschuss (G-BA) https://www.vdek.com/presse/glossar_gesundheitswesen/gemeinsamer-bundesausschuss.html#:∼:text=Der%20Gemeinsame%20Bundesausschuss%20(G%2DBA,Krankenh%C3%A4user%20und%20Krankenkassen%20in%20Deutschland [accessed 23 August 2021] [Google Scholar]
27.Bundesministerium der Justiz und für Verbraucherschutz . 2021. Medizinproduktebetreiberverordnung. [Google Scholar]
28.DIN EN ISO 9001:2015-11 . 2015. Qualitätsmanagementsysteme - Anforderungen. [Google Scholar]
29.D IN EN 80001-1:2011-11 . 2017. Anwendung des Risikomanagements für IT-Netzwerke, die Medizinprodukte beinhalten. [Google Scholar]
30.2016. Beschluss des Gemeinsamen Bundesausschusses über eine Qualitätsmanagement-Richtlinie. [Google Scholar]
31.2020. Universitätsklinikum Erlangen: Zahlen und Fakten. https://www.uk-erlangen.de/presse/zahlen-und-fakten/ [accessed 23 August 2021] [Google Scholar]
32.Universitätsklinikum Erlangen . 2021. Organisation. https://www.uk-erlangen.de/organisation/ [accessed 23 August 2021] [Google Scholar]
33.Terezakis S.A., Pronovost P., Harris K., Deweese T., Ford E. Safety strategies in an academic radiation oncology department and recommendations for action. Jt Comm J Qual Patient Saf. 2011;37(7):291–299. doi: 10.1016/s1553-7250(11)37037-7. [DOI] [PMC free article] [PubMed] [Google Scholar]
34.Ford E.C., Evans S.B. Incident learning in radiation oncology: a review. Med Phys. 2018;45(5):e100–e119. doi: 10.1002/mp.12800. Epub 11 April 2018. PMID: 29419944. [DOI] [PubMed] [Google Scholar]
35.Baehr A., Oertel M., Kröger K., Eich H.T., Haverkamp U. Implementing a new scale for failure mode and effects analysis (FMEA) for risk analysis in a radiation oncology department. Strahlenther Onkol. 2020;196(12):1128–1134. doi: 10.1007/s00066-020-01686-w. Epub 19 September 2020. PMID: 32951162. [DOI] [PubMed] [Google Scholar]
36.Ford E.C., Terezakis S. How safe is safe? Risk in radiotherapy. Int J Radiat Oncol Biol Phys. 2010;78(2):321–322. doi: 10.1016/j.ijrobp.2010.04.047. PMID: 20832662. [DOI] [PubMed] [Google Scholar]
37.Perks J.R., Stanic S., Stern R.L., Henk B., Nelson M.S., Harse R.D., et al. Failure mode and effect analysis for delivery of lung stereotactic body radiation therapy. Int J Radiat Oncol Biol Phys. 2012;83(4):1324–1329. doi: 10.1016/j.ijrobp.2011.09.019. Epub 22 December 2011. PMID: 22197236. [DOI] [PubMed] [Google Scholar]
38.Wolff T. 2019. Essential Risk analysis App for Confluence. https://marketplace.atlassian.com/apps/1220229/essential-risk-management-for-confluence?tab=overview&hosting=cloud [accessed 23 August 2021] [Google Scholar]
39.International Atomic Energy Agency . IAEA-TECDOC-1685, IAEA Vienna; 2016. Application of the risk matrix method to radiotherapy. [Google Scholar]
40.Klüter S., Schrenk O., Katharina Renkamp C., Gliessmann S., Kress M., Debus J., et al. A practical implementation of risk analysis for the clinical introduction of online adaptive magnetic resonance-guided radiotherapy. Phys Imaging Radiat Oncol. 2021;17:53–57. doi: 10.1016/j.phro.2020.12.005. [DOI] [PMC free article] [PubMed] [Google Scholar]
41.Atlassian. Use advanced search with Jira Query Language: https://support.atlassian.com/jira-software-cloud/docs/use-advanced-search-with-jira-query-language-jql/ [accessed 28 September 2021].
42.Shariff M., Stillkrieg W., Lotter M., Lohmann D., Weissmann T., Fietkau R., et al. 2021. Dosimetry, optimization and FMEA of total skin electron irradiation (TSEI). accepted in Z Med Phys. [DOI] [PMC free article] [PubMed] [Google Scholar]

[bib0225] 1.Guckenberger M., Baus W.W., Blanck O., Combs S.E., Debus J., Engenhart-Cabillic R., et al. Definition and quality requirements for stereotactic radiotherapy: consensus statement from the DEGRO/DGMP Working Group Stereotactic Radiotherapy and Radiosurgery. Strahlenther Onkol. 2020;196(5):417–420. doi: 10.1007/s00066-020-01603-1. PMID: 32211940; PMCID: PMC7182610. [DOI] [PMC free article] [PubMed] [Google Scholar]

[bib0230] 2.Kriz J., Baues C., Engenhart-Cabillic R., Haverkamp U., Herfarth K., Lukas P., et al. New quality assurance program integrating “modern radiotherapy” within the German Hodgkin Study Group. Strahlenther Onkol. 2017;193(2):100–108. doi: 10.1007/s00066-016-1048-y. [English]. Epub 27 September 2016. PMID: 27678010. [DOI] [PubMed] [Google Scholar]

[bib0235] 3.Steiniger B., Berger R., Eilzer S., Kornhuber C., Lorenz K., Peil T., et al. Patient-related quality assurance with different combinations of treatment planning systems, techniques, and machines: a multi-institutional survey. Strahlenther Onkol. 2017;193(1):46–54. doi: 10.1007/s00066-016-1064-y. Epub 3 November 2016. PMID: 27812732. [DOI] [PubMed] [Google Scholar]

[bib0240] 4.Gesetz zur Kontrolle und Transparenz im Unternehmensbereich (KonTraG) 1998. Bundesgesetzblatt Teil 1. [Google Scholar]

[bib0245] 5.IT-Sicherheitsgesetz; 2015. Bundesministerium für Sicherheit in der Informationstechnik. [Google Scholar]

[bib0250] 6.Bundesministerium für Sicherheit in der Informationstechnik . 2016. Verordnung zur Bestimmung Kritischer Infrastrukturen nach dem BSI-Gesetz. [Google Scholar]

[bib0255] 7.Bundesministerium für Sicherheit in der Informationstechnik . 2017. Gesetz zur Umsetzung der Richtlinie (EU) 2016/1148. [Google Scholar]

[bib0265] 8.Bundesministerium der Justiz und für Verbraucherschutz . 2020. Gesetz zur Durchführung unionsrechtlicher Vorschriften betreffend Medizinprodukte (Medizinprodukte-Durchführungsgesetz-MPDG) [Google Scholar]

[bib0270] 9.Bundesministerium der Justiz und für Verbraucherschutz . 2018. Verordnung zum Schutz vor der schädlichen Wirkung ionisierender Strahlung (Strahlenschutzverordnung - StrlSchV) [Google Scholar]

[bib0275] 10.European Union . 2013. Richtlinie 2013/59/EURATOM des Rates. [Google Scholar]

[bib0280] 11.2015. Empfehlungen von BfS, DEGRO, DGMP und DGN zur Risikoanalyse bei therapeutischen Strahlenanwendungen Artikel 63 Buchstabe b der EU-Direktive 2013/59/Euratom. https://www.bfs.de/SharedDocs/Downloads/BfS/DE/fachinfo/ion/empfehlungen-risikoanalyse.pdf;jsessionid=72E44A52D4AB37033D24A9BF2A9C98B2.1_cid382?__blob=publicationFile&v=1 [accessed 11 November 2021] [Google Scholar]

[bib0285] 12.Huq M.S., Fraass B.A., Dunscombe P.B., Gibbons J.P., Jr., Ibbott G.S., Mundt A.J., et al. The report of Task Group 100 of the AAPM: application of risk analysis methods to radiation therapy quality management. Med Phys. 2016;43(7):4209. doi: 10.1118/1.4947547. PMID: 27370140; PMCID: PMC4985013. [DOI] [PMC free article] [PubMed] [Google Scholar]

[bib0290] 13.Younge K.C., Wang Y., Thompson J., Giovinazzo J., Finlay M., Sankreacha R. Practical implementation of failure mode and effects analysis for safety and efficiency in stereotactic radiosurgery. Int J Radiat Oncol Biol Phys. 2015;91(5):1003–1008. doi: 10.1016/j.ijrobp.2014.12.033. Epub 7 February 2015. PMID: 25670543. [DOI] [PubMed] [Google Scholar]

[bib0295] 14.Ford E.C., Gaudette R., Myers L., Vanderver B., Engineer L., Zellars R., et al. Evaluation of safety in a radiation oncology setting using failure mode and effects analysis. Int J Radiat Oncol Biol Phys. 2009;74(3):852–858. doi: 10.1016/j.ijrobp.2008.10.038. [DOI] [PMC free article] [PubMed] [Google Scholar]

[bib0300] 15.Ford E.C., Smith K., Terezakis S., Croog V., Gollamudi S., Gage I., et al. A streamlined failure mode and effects analysis. Med Phys. 2014;41(6):061709. doi: 10.1118/1.4875687. PMID: 24877804. [DOI] [PubMed] [Google Scholar]

[bib0305] 16.European Union . 2006. Directive 2006/49/EC of the European Parliament and of the council. [Google Scholar]

[bib0310] 17.European Union . 2006. Directive 2006/48/EG of the European Parliament and of the council. [Google Scholar]

[bib0315] 18.European Union . 2001. Directive 2001/83/EC of the European Parliament and of the council. [Google Scholar]

[bib0320] 19.European Union . 2002. Regulation (EC) no 178/2002 of the European Parliament and of the council. [Google Scholar]

[bib0325] 20.European Union . 2017. Regulation (EU) 2017/745 of the European Parliament and of the council on medical devices, amending Directive 2001/83/EV, Regulation (EC) No 178/2002 and Regulation (EC) No 1223/2009 and repealing Council Directives 90/385/EEC and 93/42/EEC. [Google Scholar]

[bib0330] 21.European Union . 2016. Directive (EU) 2016/1148 of the European Parliament and of the council. [Google Scholar]

[bib0335] 22.Bundesministerium der Justiz und für Verbraucherschutz . 2017. Gesetz über die Grundsätze des Haushaltsrechts des Bundes und der Länder (Haushaltsgrundgesätzegesetz - HGrG) [Google Scholar]

[bib0340] 23.Bundesministerium der Justiz und für Verbraucherschutz . 2017. Gesetz zum Schutz vor der schädlichen Wirkung ionisierender Strahlung (Strahlenschutzgesetz - StrlSchG) [Google Scholar]

[bib0345] 24.Bundesministerium des Inneren . 2019. IT-Sicherheitsgesetz 2.0. [Google Scholar]

[bib0350] 25.Bundesministerium der Justiz und für Verbraucherschutz . 1988. Verpflichtung der Leistungserbringer zur Qualitätssicherung. [Google Scholar]

[bib0355] 26.Ersatzkassen V.d. 2016. Gemeinsamer Bundesausschuss (G-BA) https://www.vdek.com/presse/glossar_gesundheitswesen/gemeinsamer-bundesausschuss.html#:∼:text=Der%20Gemeinsame%20Bundesausschuss%20(G%2DBA,Krankenh%C3%A4user%20und%20Krankenkassen%20in%20Deutschland [accessed 23 August 2021] [Google Scholar]

[bib0360] 27.Bundesministerium der Justiz und für Verbraucherschutz . 2021. Medizinproduktebetreiberverordnung. [Google Scholar]

[bib0365] 28.DIN EN ISO 9001:2015-11 . 2015. Qualitätsmanagementsysteme - Anforderungen. [Google Scholar]

[bib0370] 29.D IN EN 80001-1:2011-11 . 2017. Anwendung des Risikomanagements für IT-Netzwerke, die Medizinprodukte beinhalten. [Google Scholar]

[bib0380] 30.2016. Beschluss des Gemeinsamen Bundesausschusses über eine Qualitätsmanagement-Richtlinie. [Google Scholar]

[bib0385] 31.2020. Universitätsklinikum Erlangen: Zahlen und Fakten. https://www.uk-erlangen.de/presse/zahlen-und-fakten/ [accessed 23 August 2021] [Google Scholar]

[bib0390] 32.Universitätsklinikum Erlangen . 2021. Organisation. https://www.uk-erlangen.de/organisation/ [accessed 23 August 2021] [Google Scholar]

[bib0395] 33.Terezakis S.A., Pronovost P., Harris K., Deweese T., Ford E. Safety strategies in an academic radiation oncology department and recommendations for action. Jt Comm J Qual Patient Saf. 2011;37(7):291–299. doi: 10.1016/s1553-7250(11)37037-7. [DOI] [PMC free article] [PubMed] [Google Scholar]

[bib0400] 34.Ford E.C., Evans S.B. Incident learning in radiation oncology: a review. Med Phys. 2018;45(5):e100–e119. doi: 10.1002/mp.12800. Epub 11 April 2018. PMID: 29419944. [DOI] [PubMed] [Google Scholar]

[bib0405] 35.Baehr A., Oertel M., Kröger K., Eich H.T., Haverkamp U. Implementing a new scale for failure mode and effects analysis (FMEA) for risk analysis in a radiation oncology department. Strahlenther Onkol. 2020;196(12):1128–1134. doi: 10.1007/s00066-020-01686-w. Epub 19 September 2020. PMID: 32951162. [DOI] [PubMed] [Google Scholar]

[bib0410] 36.Ford E.C., Terezakis S. How safe is safe? Risk in radiotherapy. Int J Radiat Oncol Biol Phys. 2010;78(2):321–322. doi: 10.1016/j.ijrobp.2010.04.047. PMID: 20832662. [DOI] [PubMed] [Google Scholar]

[bib0415] 37.Perks J.R., Stanic S., Stern R.L., Henk B., Nelson M.S., Harse R.D., et al. Failure mode and effect analysis for delivery of lung stereotactic body radiation therapy. Int J Radiat Oncol Biol Phys. 2012;83(4):1324–1329. doi: 10.1016/j.ijrobp.2011.09.019. Epub 22 December 2011. PMID: 22197236. [DOI] [PubMed] [Google Scholar]

[bib0420] 38.Wolff T. 2019. Essential Risk analysis App for Confluence. https://marketplace.atlassian.com/apps/1220229/essential-risk-management-for-confluence?tab=overview&hosting=cloud [accessed 23 August 2021] [Google Scholar]

[bib0425] 39.International Atomic Energy Agency . IAEA-TECDOC-1685, IAEA Vienna; 2016. Application of the risk matrix method to radiotherapy. [Google Scholar]

[bib0430] 40.Klüter S., Schrenk O., Katharina Renkamp C., Gliessmann S., Kress M., Debus J., et al. A practical implementation of risk analysis for the clinical introduction of online adaptive magnetic resonance-guided radiotherapy. Phys Imaging Radiat Oncol. 2021;17:53–57. doi: 10.1016/j.phro.2020.12.005. [DOI] [PMC free article] [PubMed] [Google Scholar]

[bib0435] 41.Atlassian. Use advanced search with Jira Query Language: https://support.atlassian.com/jira-software-cloud/docs/use-advanced-search-with-jira-query-language-jql/ [accessed 28 September 2021].

[bib0440] 42.Shariff M., Stillkrieg W., Lotter M., Lohmann D., Weissmann T., Fietkau R., et al. 2021. Dosimetry, optimization and FMEA of total skin electron irradiation (TSEI). accepted in Z Med Phys. [DOI] [PMC free article] [PubMed] [Google Scholar]

PERMALINK

Risk analysis for radiotherapy at the Universitätsklinikum Erlangen

Daniel Lohmann

Marga Lang-Welzenbach

Lorenz Feldberger

Ellen Sommer

Stefan Bücken

Michael Lotter

Oliver J Ott

Rainer Fietkau

Christoph Bert

Abstract

Purpose

Methods

Results

Conclusion

1. Introduction

Table 1.

2. Materials and methods

2.1. Relevant laws and regulations

2.2. Overview of UK Erlangen and the Department of Radiation Oncology

2.3. Implementation of risk analysis at UK Erlangen

Figure 1.

Figure 2.

Figure 4.

3. Initial experiences

Figure 3.

4. Discussion

5. Conclusion

Conflict of interest

Acknowledgments

Appendix A.

Table 2.

Table 3.

Table 4.

Table 5.

References

ACTIONS

PERMALINK

RESOURCES

Similar articles

Cited by other articles

Links to NCBI Databases